The importance of regulatory change as big data and surveillance merge

Today sees the launch of the national surveillance camera strategy for England and Wales, headed up by Tony Porter, the government’s Surveillance Camera Commissioner.

The three year strategy is a welcome step forward but it also comes with a stark warning from Mr. Porter, the government’s CCTV watchdog, who is concerned that regulators and the government were struggling to keep up with the pace of technological change.

What most worries me is the impact of big data and integration of video surveillance… I’m worried about overt surveillance becoming much more invasive because it is linked to everything else.

Tony Porter – Surveillance Camera Commissioner

The new strategy acknowledges that most people currently support the use of CCTV in public places but the Commissioner’s concerns are whether this support can continue because of the way surveillance is changing. As technology advances and converges, the possibilities for its use are expanding at breakneck speed and there are undoubtedly some cases where it’s been invaluable – such as drones helping the police solve crimes and hunt for missing people but, it’s also creating problems with privacy.

As the collection of big data merges with the proliferation of video surveillance, the overt use of CCTV, drones and body worn cameras could become more invasive than was first intended. As images of people are captured and potentially compared against other monitored data about individuals and their movements, it potentially signals the potential for an invasion of privacy on a mass scale.

Guiding principles

This is why at NW Security Group, we feel regulatory change is incredibly important. We agree with Mr. Porter’s 12 guiding principles published in the Surveillance camera code of practice, and we think this should not only be applied by public space operators but also within companies and other organisations.

Plus, we also like to emphasise that the organisation should apply best practice methods to protect the captured and recorded data as well as the system’s devices from hack attempts. We think Mr. Porter should make this a 13th principle, in line with General Data Protection Regulation (GDPR), to ensure the security of the vast amount of personal data that is being kept within those systems.

For those that need to brush up on compliance, here are the 12 principles from the Surveillance camera code of practice.

Use of a surveillance camera system must always be for a specified purpose which
is in pursuit of a legitimate aim and necessary to meet an identified pressing need.

The use of a surveillance camera system must take into account its effect on
individuals and their privacy, with regular reviews to ensure its use remains justified.

There must be as much transparency in the use of a surveillance camera system as
possible, including a published contact point for access to information and complaints.

There must be clear responsibility and accountability for all surveillance camera
system activities including images and information collected, held and used.

Clear rules, policies and procedures must be in place before a surveillance camera
system is used, and these must be communicated to all who need to comply with them.

No more images and information should be stored than that which is strictly required
for the stated purpose of a surveillance camera system, and such images and
information should be deleted once their purposes have been discharged.

Access to retained images and information should be restricted and there must be
clearly defined rules on who can gain access and for what purpose such access is
granted; the disclosure of images and information should only take place when it is
necessary for such a purpose or for law enforcement purposes.

Surveillance camera system operators should consider any approved operational,
technical and competency standards relevant to a system and its purpose and work
to meet and maintain those standards.

Surveillance camera system images and information should be subject to appropriate
security measures to safeguard against unauthorised access and use.

There should be effective review and audit mechanisms to ensure legal
requirements, policies and standards are complied with in practice, and regular
reports should be published.

When the use of a surveillance camera system is in pursuit of a legitimate aim, and
there is a pressing need for its use, it should then be used in the most effective way
to support public safety and law enforcement with the aim of processing images and
information of evidential value.

Any information used to support a surveillance camera system which compares
against a reference database for matching purposes should be accurate and kept up
to date.

“NW Systems Group Limited” has formally changed name to “NW Security Group Limited” – it’s just one...

Established in 2004, NW Security Group is a leading provider of high-performance security systems that deliver real business impact. From consultancy through to successful delivery, we have a proven record in the design, installation and maintenance of CCTV and network-based security solutions. We work closely with customers, providing wide ranging technical and consultancy services as well as training and fully managed security provision, offering peace of mind and long-term investment protection.